<%@ page language="java" contentType="text/html; charset=US-ASCII"
    pageEncoding="US-ASCII"%>
<%@ page import="java.sql.*" %>
<%@ page import="ca.radiologydb.util.Template" %>
<%@ page import="ca.radiologydb.util.ConnectionManager" %>

<!-- @author Nicholas Liu -->
<!-- New user page. -->

<%
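	// Admin-only page that creates a login row (users) and a profile row
	// (persons) from the submitted form, or prints the empty form.

	// Render the shared page header from the site template.
	Template template = new Template(this.getServletContext().getRealPath("/").toString());
	out.println(template.getTemplateTop());

	// Access control: the session must carry a username and usertype "a";
	// every other caller gets the same refusal message.
	// "a".equals(...) also covers a missing usertype attribute.
	Object sessionUser = session.getAttribute("username");
	Object sessionType = session.getAttribute("usertype");
	if (sessionUser == null || !"a".equals(sessionType)) {
		out.println("Cannot display results as you're not logged in, or do not have the proper permissions.");
		out.println("<a href='login.jsp'>Login</a>");
	} else if (request.getParameter("bSubmit") != null
			&& "POST".equalsIgnoreCase(request.getMethod())) {
		// The form below submits with method=post, so account creation is only
		// accepted over POST; this keeps the password out of URLs and access logs.
		// NOTE(review): the form carries no anti-CSRF token, so a cross-site POST
		// from a logged-in admin's browser would be accepted. Add a per-session
		// token to the form and verify it here.

		// Raw form fields. getParameter returns null for an absent field, so the
		// values are checked before trim() is called on them.
		String username = request.getParameter("username");
		String passwd = request.getParameter("pass");
		String addr = request.getParameter("addr");
		String phone = request.getParameter("phone");
		String fname = request.getParameter("fname");
		String lname = request.getParameter("lname");
		String email = request.getParameter("email");
		String usertype = request.getParameter("usertype");

		boolean allFieldsPresent = username != null && passwd != null && addr != null
				&& phone != null && fname != null && lname != null
				&& email != null && usertype != null;

		if (!allFieldsPresent) {
			// Incomplete submission: report failure instead of throwing a
			// NullPointerException.
			out.println("FAILURE D:");
		} else {
			// User input is bound through placeholders and never concatenated into
			// the SQL text, so quotes in a field cannot change the statement.
			// The maxlength attributes on the form are client-side only; the
			// database column sizes are the real limit.
			// NOTE(review): the password is stored exactly as submitted (after
			// trim). Hashing it (bcrypt/scrypt/argon2) needs a matching change in
			// the login check, which is not visible from this page.
			// NOTE(review): usertype is not restricted to a known set of class
			// codes here; presumably the users.class column enforces that. Confirm.
			String insertUserSql =
					"INSERT INTO users (user_name,password,class,date_registered) "
					+ "VALUES (?,?,?,sysdate)";
			String insertPersonSql =
					"INSERT INTO persons (user_name,first_name,last_name,address,email,phone) "
					+ "VALUES (?,?,?,?,?,?)";

			ConnectionManager manager = new ConnectionManager();
			Connection conn = null;
			PreparedStatement insertUser = null;
			PreparedStatement insertPerson = null;
			boolean previousAutoCommit = true;
			// True once the transaction has been committed or rolled back.
			boolean settled = false;
			try {
				conn = manager.getConnection();

				// Both rows are written in one transaction so a failure on the
				// second insert does not leave a users row without a persons row.
				previousAutoCommit = conn.getAutoCommit();
				conn.setAutoCommit(false);

				insertUser = conn.prepareStatement(insertUserSql);
				insertUser.setString(1, username.trim());
				insertUser.setString(2, passwd.trim());
				insertUser.setString(3, usertype.trim());
				insertUser.executeUpdate();

				insertPerson = conn.prepareStatement(insertPersonSql);
				insertPerson.setString(1, username.trim());
				insertPerson.setString(2, fname.trim());
				insertPerson.setString(3, lname.trim());
				insertPerson.setString(4, addr.trim());
				insertPerson.setString(5, email.trim());
				insertPerson.setString(6, phone.trim());
				insertPerson.executeUpdate();

				conn.commit();
				settled = true;

				out.println("SUCCESS!");
			}
			catch (Exception ex) {
				// Keep the cause in the server log; the page shows only a generic
				// message so database details are not disclosed to the browser.
				application.log("new_user.jsp: user creation failed", ex);
				if (conn != null && !settled) {
					try {
						conn.rollback();
						settled = true;
					} catch (SQLException rollbackEx) {
						application.log("new_user.jsp: rollback failed", rollbackEx);
					}
				}
				out.println("FAILURE D:");
			}
			finally {
				PreparedStatement[] statements = { insertUser, insertPerson };
				for (int i = 0; i < statements.length; i++) {
					if (statements[i] != null) {
						try {
							statements[i].close();
						} catch (SQLException closeEx) {
							application.log("new_user.jsp: statement close failed", closeEx);
						}
					}
				}
				// Restore auto-commit only when no transaction is pending, in case
				// ConnectionManager reuses the connection. TODO confirm.
				if (conn != null && settled) {
					try {
						conn.setAutoCommit(previousAutoCommit);
					} catch (SQLException restoreEx) {
						application.log("new_user.jsp: auto-commit restore failed", restoreEx);
					}
				}
				manager.closeConnection();
			}
		}
	} else {
		// No submission yet: print the empty new-user form.
		out.println("<form method=post action=new_user.jsp>");
		out.println("Username: <input type=text name=username maxlength=24><br>");
		out.println("Password: <input type=password name=pass maxlength=24><br>");
		out.println("Usertype: <input type=text name=usertype maxlength=1><br>");
		out.println("Address: <input type=text name=addr maxlength=128><br>");
		out.println("Phone: <input type=text name=phone maxlength=10><br>");
		out.println("Email: <input type=text name=email maxlength=128><br>");
		out.println("First Name: <input type=text name=fname maxlength=24><br>");
		out.println("Last Name: <input type=text name=lname maxlength=24><br>");
		out.println("<input type=submit name=bSubmit value=Submit>");
		out.println("</form>");
	}
	// close html page
	out.println(template.getTemplateBottom());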
%>